Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Users who experienced issues when installing a recent Windows patch likely are infected by the Alureon rootkit, Microsft has announced."We were able to reach this conclusion after the comprehensive analysis of memory dumps obtained from multiple customer machines and extensive testing against third-party applications and software," Mike Reavey, director of the Microsoft Security Response Center, said in a blog post. "The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state.Microsoft began investigating the issue after some Windows XP SP2 and SP3 customers complained that after installing one of the patches the company released earlier this month, the so-called 'blue screen of death' resulted when they attempted to restart. The patch was bulletin MS10-015, which repairs privilege-escalation vulnerabilities in the Windows kernel.The software giant concluded that the patch met all quality assurance protocols and "confirmed that all of the affected systems had the Alureon rootkit installed," Reavey said. Users unable to remove the malware from their machines by using a security solution should consider backing up all essential files, wiping their hard drive clean and reinstalling Windows, he said. Microsoft did not discover the issue during its testing of the patch because malware such as the Alureon rookit would leave systems in such an unstable state that they could not be effectively tested, Reavey said.When installed on a machine, Alureon "may download and execute other files, block access to certain websites, and redirect searches", according to a Microsoft summary.Microsoft still considers MS10-015 to be a high-priority patch."Our guidance remains the same," Reavey said. "Customers should continue to deploy this month's security updates and make sure their systems are up-to-date with the latest anti-virus software."See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.